Fraud costs the global economy $5.127 trillion each year! eCommerce fraud is a growing menace for any retail business and is an unfortunate truth that most eCommerce sellers and marketplaces face.

‍

It is costly, and it hurts your brand and business. It is growing at such an exponential rate that it is poised to become the biggest ecommerce headache in 2024. Check these figures -The per dollar cost of ecommerce fraud on retailers has increased, from $2.40 in 2016 to $3.13 in 2019 and $3.36 in 2020. 

‍

Types of eCommerce fraud

‍

‍1) Credit card fraud

A credit card is one of the easiest ways to pay for online purchases. So, it's no surprise that the majority of incidences of online fraud involve credit cards. Here are some crucial details of commonly recognized credit card fraud.

‍

Identity fraud: Happens when fraudsters steal crucial customer details like personal information, financial information, password & security codes (CVV/CSC/CID codes). It affects the reputation of the eCommerce brand as customers feel that their personal & financial information is not in safe hands.

‍

Card testing fraud: Sometimes, thieves will "test" stolen credit card information by making a small purchase. If the transaction is approved, they make larger purchases using the valid card information.

‍

Card-Not-Present (CNP) fraud: Refers to any credit card transaction where a purchase is made without presenting the physical card to the merchant to complete the transaction.

‍

Refund fraud: Sometimes thieves buy something online with stolen credit cards & return it for a refund issued to the thief quickly. It is a popular way to get quick cash at someone else's expense.

‍

Phishing: This credit card fraud is more prevalent in today's times. Fraudsters call customers and persuade them to reveal critical credit card information like credit card number to steal money.

‍

‍2) Phone fraud

Phone fraud is a challenge for ecommerce merchants. You can lose thousands of dollars in just a few minutes without even realizing you have been scammed. It involves telephones and voice impersonations to access sensitive information such as credit card details, social security numbers, and bank account information.

‍

The scammer will attempt to extract data from you using fear, intimidation or sob stories to get you to believe that you owe money or that you are entitled to a refund or some compensation.

‍

‍3) Account Takeover (ATO) fraud

Account takeover is a top threat to eCommerce businesses and their customers due to the financial losses and mitigation efforts. It happens when a cybercriminal steals funds or information by gaining access to the victim's login credentials.

‍

They use various techniques to break into a financial bank account and take control of it, like Simcard swapping, mobile banking trojans, malware, and man-in-the-middle attacks. 

‍‍

4) Interception fraud

Interception fraud occurs when fraudsters create orders where the billing and shipping addresses match the address linked with the card. The goal after that is to intercept the ordered package before it reaches the specified address.

‍

There are some common tactics that fraudsters can use to do interception fraud:

• They request that a customer service representative change the address on the order before shipment.

• They contact the shipper to reroute the package to a location to retrieve the stolen goods.

• They can steal the package from the drop-off location if they know the victim and live nearby.

• They can share with you an SMS link that claims the package could not be delivered on time and ask you for an OTP code for verification. The moment you share it, the imposter steals money from the customer's bank account. 

‍

‍5) COD fraud

Customers may receive a call from an unknown person posing as an eCommerce company's delivery executive and requesting payment for a Cash on delivery (COD) order.

‍

The scam is that the customer did not place an order, and the delivery executive may hand over any random parcel and demand money. You may also receive spurious messages from courier companies instructing you to keep cash on hand and pay the delivery executive for online orders.

‍

Steps for preventing eCommerce fraud on eCommerce site

With online fraud costing retailers billions of dollars every year, retailers are looking for better ways to protect their business and consumer interests. Take a look at some tested ways for preventing frauds on an eCommerce website.

‍

1) Use CVV number of all transactions

The three-digit code on the back of credit cards and debit cards is called the Card Verification Value (CVV). By making it mandatory to enter the CVV code for all transactions, eCommerce businesses can ensure that customers have the physical credit/debit card in their possession. It ensures every financial transaction is safe and reduces fraud.

‍

2) Double check that credit card address and IP addresses match

Every order placed on an eCommerce website originates from a unique IP address, which can determine the geolocation from where the customer is purchasing. If the city or region does not match the address of the credit card being used, there is a red flag, and the concerned credit card transaction is declined.

‍

3) Use an Address Verification Service (AVS)

The Address Verification Service (AVS) compares the billing address entered by the customer to the billing address issued by the bank. This crucial check is performed as part of the merchant's credit card transaction authorization request. If both the addresses do not match, the system either rejects the transaction or flags it for further investigation.

‍

4) Conduct regular site audits

Site audits help discover flaws in security before fraudsters take advantage of it. eCommerce businesses need to follow this checklist to ensure if website element is in order:

• Is your eCommerce business PCI-DSS compliant?

• Are we scanning our website regularly for malware?

• Are we encrypting communication between our store, customers and suppliers?

• Is your SSL certificate working as 85% of customers avoid an unsecured website?

• Are you using HTTPS protocol for secure communication over the internet?

• Does your eCommerce platform offer an encrypted payment gateway authentication protocol?

• Do you provide two-factor authentication on customer accounts?

• Are you using a good  hosting service for eCommerce site security?

• Are you using CDN services that provide security features like malware scanning & blocking spambots?

• Do we use strong passwords for admin accounts, hosting dashboards, CMS, database, and FTP access?

‍‍

5) Avoid collecting sensitive user data‍

Collecting and storing as little customer data as possible is one way to protect your store in the event of a data breach or hack. As a result, only collect the information required to complete a transaction and ship the product like name, address & mobile number. Avoid collecting credit card data, birth dates, and other sensitive customer information that isn't necessary.

‍‍

6) Avoid COD fraud

Here are some best practices to avoid COD fraud:

• You can use a prepaid COD option & other coupons to ensure that you receive some initial payment.

• Any return COD orders will be charged an additional fee.

• Check that you have the correct buyer's address.

• Use artificial intelligence to detect fraudulent orders.

‍

eCommerce fraud is a severe issue in online shopping, and customers are the ones who are most affected by it, but it is important to note that online stores are also losing money due to fraudulent orders. That is why we have written this blog post to provide online store owners with actionable information about eCommerce frauds and how to fight them.

‍

eCommerce websites built on Fynd Platform have bundled SSL and secure payment gateway, ensuring a high level of security for brand websites. You can have a fully secured eCommerce website up and running in 30 minutes. To know-how! Book a demo or Contact us immediately.